[
https://issues.apache.org/jira/browse/FLINK-6713?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17323649#comment-17323649
]
Flink Jira Bot commented on FLINK-6713:
---------------------------------------
This issue is assigned but has not received an update in 7 days so it has been
labeled "stale-assigned". If you are still working on the issue, please give an
update and remove the label. If you are no longer working on the issue, please
unassign so someone else may work on it. In 7 days the issue will be
automatically unassigned.
> Document how to allow multiple Kafka consumers / producers to authenticate
> using different credentials
> ------------------------------------------------------------------------------------------------------
>
> Key: FLINK-6713
> URL: https://issues.apache.org/jira/browse/FLINK-6713
> Project: Flink
> Issue Type: Improvement
> Components: Connectors / Kafka, Documentation
> Reporter: Tzu-Li (Gordon) Tai
> Assignee: Tzu-Li (Gordon) Tai
> Priority: Major
> Labels: stale-assigned
>
> The doc improvements should include:
> 1. Clearly state that the built-in JAAS security module in Flink is a JVM
> process-wide static JAAS file installation (all static JAAS files are, not
> Flink specific), and therefore only allows all Kafka consumers and producers
> in a single JVM (and therefore the whole job, since we do not allow assigning
> operators to specific slots) to authenticate as one single user.
> 2. If Kerberos authentication is used: self-ship multiple keytab files, and
> use Kafka's dynamic JAAS configuration through client properties to point to
> separate keytabs for each consumer / producer. Note that ticket cache would
> never work for multiple authentications.
> 3. If plain simple login is used: Kafka's dynamic JAAS configuration should
> be used (and is the only way to do so).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
